Editing An Existing Acl; Using The Cli To Edit Acls; General Editing Rules - HP ProCurve 2910al Access Security Manual

Editing an Existing ACL

The CLI provides the capability for editing in the switch by using sequence
numbers to insert or delete individual ACEs. An offline method is also avail­
able. This section describes using the CLI for editing ACLs. To use the offline
method for editing ACLs, refer to "Creating or Editing ACLs Offline" on page
9-94.

Using the CLI To Edit ACLs

You can use the CLI to delete individual ACEs from anywhere in an ACL,
append new ACEs to the end of an ACL, and insert new ACEs anywhere within
an ACL.

General Editing Rules

■ Named ACLs:
• When you enter a new ACE in a named ACL without specifying a
sequence number, the switch inserts the ACE as the last entry in the
ACL.
• When you enter a new ACE in a named ACL and include a sequence
number, the switch inserts the ACE according to the position of the
sequence number in the current list of ACEs.
Numbered ACLs: When using the access-list < 1 - 99 | 100 - 199 >
■
command to create or add ACEs to a numbered ACL, each new ACE
you enter is added to the end of the current list. (This command does
not offer a < seq-# > option for including a sequence number to enable
inserting an ACE at other points in the list.) Note, however, that once
a numbered list has been created, you have the option of accessing it
in the same way as a named list by using the ip access-list < standard
| extended > command. This enables you to edit a numbered list in the
same way that you would edit a named list. (See the next item in this
list.)
IPv4 Access Control Lists (ACLs)

Editing an Existing ACL

9-75